Reputation: 696
How to protect my e-mail address from spambots
I was wondering what rails offers to obfuscate e-mail addresses to protect it from crawlers, spambots and mail harvesters, gathering addresses to send spam.
May be I used wrong keywords, but wasn’t really able to find a gem.
I found a statistic comparing different methods to mask the mail address: http://techblog.tilllate.com/2008/07/20/ten-methods-to-obfuscate-e-mail-addresses-compared/
I wrote a snippet that combines the top two methods.
The snipped isn’t mature yet, but I like to share it anyway, it might be a starting point for others facing the same issue. (One next step would be to replace already linked addresses with obscured plain text.)
Before heading on I would like to know what is best practice in rails. This is a common problem and I must have missed a gem dealing with it!?
If I use my approach, what is the best way to integrate/trigger it in my app?
Any kind of before_filter? Before rendering??? Something like that?
Or like I do it currently, calling it in the view as a helper_methode?
It could even be added to string class…
In my application_helper.rb
def obfuscate_emails(content, domain_prefix = 'nirvana', clss = 'maildecode')
# This shall protect emails from spam spiders/crawlers gathering emails from webpages
# Add the following SASS to your Stylesheets
#
# span.maildecode
# direction: rtl
# unicode-bidi: bidi-override
#
# Further more you might want to use Javascript(.erb) to add links to the email addresses like this
#
# $(document).ready(function() {
# function link_emails(subdomain){
# console.log("Find an replace reverse emails, fake subdomain is "+subdomain);
# $(".maildecode").each(function() {
# email = $(this).text().replace('.'+subdomain,'').split("").reverse().join("");
# console.log("- clean email is "+email);
# // $(this).html($(this).text().replace('.'+subdomain,'')); // uncomment if you like to clean up the html a bit
# $(this).wrap('<a href="mailto:'+email+'">');
# });
# }
#
# link_emails('<%= ENV['OBFUSCATE_EMAIL_SUBDOMAIN'] %>');
# });
#
# Thanks to
# http://techblog.tilllate.com/2008/07/20/ten-methods-to-obfuscate-e-mail-addresses-compared/
email_re = /[\w.!#\$%+-]+@[\w-]+(?:\.[\w-]+)+/
content.scan(email_re).each do |mail|
obfuscate_mail = "<span class='#{clss}'>#{mail.reverse.split('@')[0]}<span style='display: none;'>.#{domain_prefix}</span>@#{mail.reverse.split('@')[1]}</span>"
content = content.sub(mail, obfuscate_mail)
end
content # use raw(obfuscate_emails(content)) otherwise rails will escape the html
end
Upvotes: 2
Views: 1712
Answers (2)
Reputation: 19879
Just use the built in mail_to helper that Rails has...
http://api.rubyonrails.org/classes/ActionView/Helpers/UrlHelper.html#method-i-mail_to
mail_to '[email protected]', 'click to email', :encode => .... # couple of encoding options
NOTE: This does not work in Rails 4 anymore. From the docs: Prior to Rails 4.0, mail_to provided options for encoding the address in order to hinder email harvesters. To take advantage of these options, install the actionview-encoded_mail_to gem. (Thanks to @zwippie)
Upvotes: 5
Reputation: 20845
You could simply replace the @-sign as a simple solution:
"[email protected]".sub("@","-at-") #=> example-at-example.com
"[email protected]".sub("@","{at}") #=> example{at}example.org
see obfuscate emails with ruby to protect against harvesters
Upvotes: 0
Related Questions
- Protecting email addresses from spam bots / web crawlers
- How to protect visible email address from spam with gem for Ruby 4?
- How to prevent spam in rails?
- How can I prevent email spam (too many instant emails on actions)?
- How can I code to prevent spam posts in Rails3?
- using rails 3 mail
- Spam prevention in Rails
- How to send out verification emails safely?
- Rails 3.0 Sending Email Security Best Practices
- Spam checking in rails